
Tuesday, December 21, 2010


LINUX : How to create a Proxy Server?

ASSP is an SMTP spam proxy server. It can also integrate with ClamAV fairly easily, giving a "one stop shop" and allowing your mail server to simply handle mail. The following assumes you are installing ASSP on the same machine as your SMTP server, but ASSP is designed to allow it to run on a separate machine, freeing up resources on the SMTP server for other things. Additionally, ASSP can be used to check mail for multiple destinations, giving the option to have one (or more) powerful spam/virus filtering system for multiple SMTP servers.
Again, this assumes the filtering is taking place on the SMTP/IMAP/POP server, but placing it on a separate machine only requires minor modifications.

Install ClamAV

Antivirus packages are very volatile, which is exactly why the volatile Debian repository was built. See http://www.debian.org/volatile/. For this reason, we turn on volatile so we can have a much more recent version of clamav.
echo 'deb http://volatile.debian.org/debian-volatile etch/volatile main contrib non-free' >> /etc/apt/sources.list
apt-get update
apt-get install clamav clamav-daemon clamav-docs libgmp3c2 clamav arj unzoo unrar lha clamav-testfiles libcompress-zlib-perl libdigest-md5-perl libemail-valid-perl libfile-readbackwards-perl libfile-scan-perl libmail-spf-query-perl libmail-srs-perl libnet-dns-perl libsys-syslog-perl libnet-ldap-perl libtime-hires-perl mysql-server mysql-client libmysqlclient15-dev
clamav-daemon will die at first because the new virus database has not been issued yet. Run
tail -f /var/log/clamav/freshclam.log
until you see the virus database update, then start the daemon with
/etc/init.d/clamav-daemon start
Test your install:
clamscan /usr/share/clamav-testfiles/


Install Required Libraries and Test

Now, we need the File::Scan::ClamAV perl module, which is not included in Debian and, frankly, is a pain in the butt. I had trouble installing File::Scan::ClamAV on my Debian server. So, I did the following:
cd /usr/src
wget http://search.cpan.org/CPAN/authors/id/C/CF/CFABER/File-Scan-ClamAV-1.8.tar.gz
tar -xzvf File-Scan-ClamAV-1.8.tar.gz
cd File-Scan-ClamAV-1.8
perl Makefile.PL
make
make test # I get a lot of errors on this, but it seems to work, so I do the next step
make install
Next, Tie::RDBM is not in the Debian repository, so we download and install it (it ships in the Tie-DBI distribution).
cd /usr/src
wget http://search.cpan.org/CPAN/authors/id/L/LD/LDS/Tie-DBI-1.02.tar.gz
tar -xzvf Tie-DBI-1.02.tar.gz
cd Tie-DBI-1.02
perl Makefile.PL
make
make test # again I get errors, but the install goes well
make install
Net::Syslog is not in the repository either, so we fetch it as well:
cd /usr/src
wget http://search.cpan.org/CPAN/authors/id/L/LH/LHOWARD/Net-Syslog-0.03.tar.gz
tar -xzvf Net-Syslog-0.03.tar.gz
cd Net-Syslog-0.03
perl Makefile.PL
make
make test
make install

Now, add in additional perl libraries as needed by assp. See [1]

apt-get install libcompress-zlib-perl libdigest-md5-perl libemail-valid-perl libfile-readbackwards-perl libfile-scan-perl libmail-spf-query-perl libmail-srs-perl libnet-dns-perl libsys-syslog-perl libnet-ldap-perl libtime-hires-perl unzip libdbi-perl libplrpc-perl libnet-daemon-perl
To test your installation of the perl library, use the following simple perl script (an adaptation of the CPAN documentation). Create a new file, say "test.pl", and give it the following contents:
#!/usr/bin/perl -w
use File::Scan::ClamAV; # ensure File::Scan::ClamAV is installed
use Net::Syslog; # ensure Net::Syslog is installed
use Tie::RDBM; # ensure Tie::RDBM is installed
# test configuration of File::Scan::ClamAV
my $av = new File::Scan::ClamAV(port => '/var/run/clamav/clamd.ctl', find_all => 1);
if ($av->ping) {
    my %found = $av->scan('/usr/share/clamav-testfiles/');
    for my $file (keys %found) {
        print "Found virus: $found{$file} in $file\n";
    }
}
1;
Run this as
perl -w test.pl
You should get no errors, and output similar to that of the clamscan run above.

Install ASSP

First, let's build a MySQL home for ASSP
mysql -u root -p # just log in
create database assp;
grant all on assp.* to assp@localhost identified by 'your password here';

http://www.asspsmtp.org/wiki/Debian_Linux_install_using_Postfix

cd /usr/src/
wget -c http://surfnet.dl.sourceforge.net/sourceforge/assp/ASSP_1.3.1-Install.zip
mkdir ASSP
cd ASSP
unzip ../ASSP_*-Install.zip
mkdir -p /usr/share/assp/spam
mkdir /usr/share/assp/notspam
mkdir /usr/share/assp/errors
mkdir /usr/share/assp/errors/spam
mkdir /usr/share/assp/errors/notspam
mv -f ASSP/* /usr/share/assp
cd ..
rm -fRv ASSP
chown -R 0:0 /usr/share/assp
cd /usr/share/assp
# this gives us a starting place for spam filtering
# See http://www.asspsmtp.org/wiki/Documentation#Training
lynx http://www.iworld.de/homes/fb/ASSP/S05BB20E1?WasRead=1 # (download spamdb.zip)
unzip spamdb.zip
perl assp.pl
In your web browser, go to http://yourdomain:55555. Log in with any username and the password nospam4me.

Configure postfix and init.d

Stop assp.pl by pressing ctrl-c

Do the following only if running postfixadmin on the proxy server: edit /etc/postfixadmin/config.inc.php and change $CONF['smtp_port'] to 125.
Edit /etc/postfix/master.cf
  • Comment out the line that reads smtp inet n - - - - smtpd
  • Add the following line (preserve any additional 'n's), only if running the proxy on your mail server:
125  inet  n  -  -  -  -  smtpd
Restart Postfix
/etc/init.d/postfix restart
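
One way to check the master.cf edit above on a same-host install, as an added example that is not part of the original post: it flags a Postfix smtpd still on port 25 and a port-125 listener that is not bound to loopback, since mail delivered straight to that port never passes through ASSP. The function name check_master_cf and the loopback-only policy are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit master.cf for the
# same-host layout above: ASSP on 25, Postfix smtpd re-injection on 125.
# Usage: check_master_cf FILE [PORT]; returns the number of problems found.
check_master_cf() {
    awk -v port="${2:-125}" '
    /^[ \t]*#/ || /^[ \t]*$/ { next }   # comments and blank lines
    /^[ \t]/ { next }                   # continuation lines (-o options)
    $2 == "inet" && $8 == "smtpd" {
        k = split($1, a, ":"); p = a[k]  # service field is [host:]port
        host = (k > 1) ? substr($1, 1, length($1) - length(p) - 1) : ""
        if (p == "smtp" || p == "25") {
            print "FAIL: Postfix smtpd still on port 25 (" $1 "); ASSP cannot bind it"
            bad++
        } else if (p == port) {
            seen = 1
            if (host != "127.0.0.1" && host != "localhost" && host != "[::1]") {
                print "WARN: " $1 " is not bound to loopback; mail sent there bypasses ASSP"
                bad++
            }
        }
    }
    END {
        if (!seen) { print "FAIL: no smtpd listener on port " port; bad++ }
        exit bad + 0
    }' "$1"
}

# Constructed sample: the master.cf edit exactly as written in the post.
sample=$(mktemp)
printf '%s\n' '#smtp      inet  n  -  -  -  -  smtpd' \
              '125        inet  n  -  -  -  -  smtpd' > "$sample"
check_master_cf "$sample" || echo "problems found: $?"
rm -f "$sample"
```

Writing the service as 127.0.0.1:125 in master.cf clears the warning when ASSP and Postfix share a host; with ASSP on a separate machine, restrict port 125 to the proxy's address with a firewall rule instead.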
Create /etc/init.d/assp with the following contents:
#!/bin/sh -e
# Start or stop ASSP
#
# original version by Ivo Schaap <ivo@lineau.nl> had issues on Debian4. Modified by atramos.
PATH=/bin:/usr/bin:/sbin:/usr/sbin
case "$1" in
  start)
    echo -n "Starting the Anti-Spam SMTP Proxy"
    cd /usr/share/assp
    # redirect stdout first, then point stderr at it, so both are discarded
    perl assp.pl > /dev/null 2>&1 &
    ;;
  stop)
    echo -n "Stopping the Anti-Spam SMTP Proxy"
    kill -9 `ps ax | grep "perl assp.pl" | grep -v grep | awk '{ print $1 }'`
    ;;
  restart)
    $0 stop || true
    $0 start
    ;;
  *)
    echo "Usage: /etc/init.d/assp {start|stop|restart}"
    exit 1
    ;;
esac
exit 0
Set permissions, and insert it into the various default runlevels, then start the daemon
chmod 755 /etc/init.d/assp
update-rc.d assp defaults
/etc/init.d/assp start

Configure ASSP

These are the options I turned on. They put the server into test mode, and set some basic things. Explore: there are many more options. You might also go to the assp wiki at http://www.asspsmtp.org/wiki/ which contains additional information.


  1. Network Setup
    1. SMTP Listen Port = 25
    2. SMTP Destination = IP/Port of your mail server
  2. Spam Control
    1. Add Spam Probability Header = Check
  3. Relaying
    1. Skip Local domain Check = Check
  4. Validate Sender
    1. Block All Remote Sender with Local Domain Address = check
    2. Reversed Lookup = 2 (log only)
    3. Validate Sender Domain MX/A = 2 (log only)
  5. Attachment & Viruses
    1. Use ClamAV = check
    2. Port or file socket for ClamAV = /var/run/clamav/clamd.ctl (for Debian)
  6. Bayesian Options
    1. Add Bayes Confidence Header = check
  7. TestModes
    1. Prepend Spam Subject Testmode = TEST MODE
    2. Prepend Spam Tag = check
    3. BlackDomain Test Mode = check
    4. Helo-Blacklist Test Mode = check
    5. Spam Address Test Mode = check
    6. DNSBL Test Mode = check
    7. URIBL Test Mode = check
    8. Missing MX/A Record Test Mode = check
    9. Reversed Lookup Test Mode = check
    10. Invalid Helo Test Mode = check
    11. Forged Local Helo Test Mode = check
    12. Forged Local Sender Test Mode = check
    13. Message Scoring Test Mode = check
  8. Email Interface
    1. Help Address = SpamHelp
    2. Report Spam Address = ThisIsSpam
    3. Report not-Spam Address = NotSpam
    4. Add To Whitelist Address = AddToWhitelist
    5. Remove from Whitelist Address = RemoveFromWhitelist
    6. From Address for Reports = A (possibly valid) admin e-mail address
  9. File Paths
    1. Email Whitelist Database File = mysql
    2. Email Redlist Database File = mysql
    3. Delaying Database = mysql
    4. MySQL hostname or IP = localhost
    5. MySQL database name = assp
    6. MySQL username = assp
    7. MySQL password = the database password
  10. Collecting
    1. Use Subject as Maillog Names = Check
  11. Logging
    1. SYSLOG Centralized Logging = Check
  12. Server Setup
    1. Run ASSP as a Daemon = Check
    2. My Name = your FQDN
    3. Web Admin Port = Change to some weird port
    4. Web Admin Password = Change this
    5. Jump to the End of the Maillog = check

Optional

If you have some spam already (say in a private directory), you can jump start the spam learning by copying it into /usr/share/assp/spam and executing
cd /usr/share/assp
perl rebuildspamdb.pl
If you find ham in the spam folder, or spam in the ham, move the message to the correct folder and execute the above also.

About 'Anu': My name is 'Anu' also Known as 'ANU 007 TIGER' .I'm administrator of 'PC Tips by Anu' blog .This blog was opened for sharing contents about hacking n cracking.